With the rapid growth of the IT world and technological advances in computer software and hardware, the rise of new viruses and hacking techniques is inevitable. Big corporations, small businesses, and personal computers are hacked and made obsolete on a regular basis by malicious software such as Trojans, viruses, and worms. This is why the Intrusion Detection System (IDS) was introduced to the IT world. Basically, an IDS is a system that identifies attempts to hack into a network or to break into a computer to misuse it.
An IDS is commonly used to detect various types of malicious activity that can jeopardize the security and productivity of a computer or computer network. Attacks can take the form of network attacks against vulnerable services, unauthorized logins, access to sensitive files, and the more common attacks such as Trojans, worms, and viruses. These attacks can severely harm a corporation or small business, which is why most upscale companies make full use of intrusion detection systems.
It is important to understand that an IDS is made up of several components: sensors, which generate security events, and a console, which is used to monitor events and alerts and to control the sensors. Another component is the central engine, which records the events logged by the sensors in a database and applies a system of rules imposed by the administrator to generate alerts from the security events it receives. There are various types of intrusion detection systems and several ways to categorize them. The category usually depends on the location of the sensors and the methodology the engine uses to generate alerts. In many simpler IDSs, all components are combined into a single device, whereas in more complex intrusion detection systems the components are separate and run on their own dedicated hardware. They work in combination with one another having a situation that...
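
The sensor, engine and console roles described above can be sketched in a few lines of Python. This is an added example, not code from any particular IDS product: the event names, sensor names, threshold rules and the `Engine` and `run_console` helpers are all assumptions made for illustration, and the sample events are constructed.

```python
import sqlite3

# Constructed sample events as (sensor, event type, source address).
# Addresses come from the 192.0.2.0/24 documentation range.
SAMPLE_EVENTS = [
    ("net-sensor-1", "failed_login", "192.0.2.5"),
    ("net-sensor-1", "failed_login", "192.0.2.5"),
    ("host-sensor-2", "failed_login", "192.0.2.5"),
    ("net-sensor-1", "failed_login", "192.0.2.9"),
    ("host-sensor-2", "sensitive_file_access", "192.0.2.7"),
    ("net-sensor-1", "port_probe", "192.0.2.9"),
]

# Administrator-imposed rules (hypothetical): event type -> number of events
# from one source at which the engine raises an alert.
RULES = {"failed_login": 3, "sensitive_file_access": 1}


class Engine:
    """Central engine: stores sensor events in a database, applies the rules."""

    def __init__(self, rules):
        self.rules = rules
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE events (sensor TEXT, kind TEXT, source TEXT)")

    def record(self, sensor, kind, source):
        # Parameterized insert: sensor data is untrusted input to the engine.
        self.db.execute("INSERT INTO events VALUES (?, ?, ?)",
                        (sensor, kind, source))

    def alerts(self):
        # Count events per (type, source) across all sensors, then keep only
        # the groups that reach the administrator's threshold.
        rows = self.db.execute(
            "SELECT kind, source, COUNT(*) FROM events "
            "GROUP BY kind, source ORDER BY kind, source")
        return [(kind, source, n) for kind, source, n in rows
                if kind in self.rules and n >= self.rules[kind]]


def run_console(events, rules):
    """Console role: feed sensor events to the engine and collect alerts."""
    engine = Engine(rules)
    for sensor, kind, source in events:
        engine.record(sensor, kind, source)
    return engine.alerts()


if __name__ == "__main__":
    for kind, source, count in run_console(SAMPLE_EVENTS, RULES):
        print(f"ALERT {kind} from {source}: {count} event(s)")
```

Because the engine counts per source across all sensors, the three failed logins from 192.0.2.5 raise an alert even though two different sensors reported them, while the single failed login from 192.0.2.9 and the `port_probe` event (which has no rule) do not.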